/// <summary>
/// Determines whether a url uses a secure scheme according to the policy.
/// </summary>
/// <param name="url">The URL.</param>
/// <param name="policy">The policy.</param>
/// <returns>
/// <c>true</c> if [is secure scheme] [the specified URL]; otherwise, <c>false</c>.
/// </returns>
public static bool IsSecureScheme(Uri url, DiscoveryPolicy policy)
{
if (policy.RequireHttps != true)
{
return(true);
}
if (policy.AllowHttpOnLoopback != true)
{
return(string.Equals(url.Scheme, "https", StringComparison.OrdinalIgnoreCase));
}
var hostName = url.DnsSafeHost;
foreach (var address in policy.LoopbackAddresses)
{
if (string.Equals(hostName, address, StringComparison.OrdinalIgnoreCase))
{
return(true);
}
}
return(string.Equals(url.Scheme, "https", StringComparison.OrdinalIgnoreCase));
}
/// <summary>
/// Initializes a new instance of the <seealso cref="IdTokenValidator"/>
/// while specifying the discovery policy.
/// </summary>
public IdTokenValidator(DiscoveryPolicy discoveryPolicy)
{
DiscoveryPolicy = discoveryPolicy;
}
